Warning banner with default deployment #6

New Issue

cas · 2025-09-08T17:55:21Z

cas commented

2025-09-08 17:55:21 +00:00

 Warning! It looks like trusted-proxies is not set correctly in this instance's configuration. This may cause rate-limiting issues and, by extension, federation issues.

If you are the instance admin, you should fix this by adding 10.0.0.2/32 to your trusted-proxies.

I looked at the config, and it contains an trusted-proxies entry that has an IP range covering this address; I wonder if this is a false error or something else needs to be done.

trusted-proxies: [172.16.0.0/12, 10.0.0.0/8]

``` Warning! It looks like trusted-proxies is not set correctly in this instance's configuration. This may cause rate-limiting issues and, by extension, federation issues. If you are the instance admin, you should fix this by adding 10.0.0.2/32 to your trusted-proxies. ``` I looked at the config, and it contains an `trusted-proxies` entry that has an IP range covering this address; I wonder if this is a false error or something else needs to be done. ``` trusted-proxies: [172.16.0.0/12, 10.0.0.0/8] ```

cas commented

2025-09-08 18:03:17 +00:00

I added an advanced-rate-limit-exceptions key to the config and it seems to have resolved it. Dunno if that's a good way to fix it.

I added an `advanced-rate-limit-exceptions` key to the config and it seems to have resolved it. Dunno if that's a good way to fix it.

Brooke commented

2025-09-08 18:51:51 +00:00

yeah I ran into this issue a number of times, setting trusted-proxies was my best attempt but seems like it doesn't work on the most recent version. Looking at the documentation it seems like advanced-rate-limit-exceptions exists for this purpose(?) I'm fine with this fix personally unless there is something big I'm missing.

yeah I ran into this issue a number of times, setting `trusted-proxies` was my best attempt but seems like it doesn't work on the most recent version. Looking at the documentation it seems like `advanced-rate-limit-exceptions` exists for this purpose(?) I'm fine with this fix personally unless there is something big I'm missing.

👍 2

Brooke commented

2025-09-08 18:52:24 +00:00

Unrelated to this bug i was looking a the debug config output and it showed:
    "trusted-proxies": [
        "127.0.0.1/32",
        "::1"
    ],
So that may point to the problem, lol.

ah only saw this after I sent my first comment, will look into this later.

> Unrelated to this bug i was looking a the `debug config` output and it showed: > > ``` > "trusted-proxies": [ > "127.0.0.1/32", > "::1" > ], > ``` > > So that may point to the problem, lol. > ah only saw this after I sent my first comment, will look into this later.

cas commented

2025-09-08 20:49:17 +00:00

Unrelated to this bug i was looking a the debug config output and it showed:
    "trusted-proxies": [
        "127.0.0.1/32",
        "::1"
    ],
So that may point to the problem, lol.
ah only saw this after I sent my first comment, will look into this later.

I deleted this comment - this was a user error on my part for not specifying --config-file when using ./gotosocial

> > Unrelated to this bug i was looking a the `debug config` output and it showed: > > > > ``` > > "trusted-proxies": [ > > "127.0.0.1/32", > > "::1" > > ], > > ``` > > > > So that may point to the problem, lol. > > > > ah only saw this after I sent my first comment, will look into this later. I deleted this comment - this was a user error on my part for not specifying --config-file when using ./gotosocial

👍 2

cas commented

2025-09-08 20:50:00 +00:00

yeah I ran into this issue a number of times, setting trusted-proxies was my best attempt but seems like it doesn't work on the most recent version. Looking at the documentation it seems like advanced-rate-limit-exceptions exists for this purpose(?) I'm fine with this fix personally unless there is something big I'm missing.

I have made a branch that makes that change, i'm testing it out on a few instances.

> yeah I ran into this issue a number of times, setting `trusted-proxies` was my best attempt but seems like it doesn't work on the most recent version. Looking at the documentation it seems like `advanced-rate-limit-exceptions` exists for this purpose(?) I'm fine with this fix personally unless there is something big I'm missing. I have made a branch that makes that change, i'm testing it out on a few instances.

👍 2

Brooke commented

2025-09-08 21:53:49 +00:00

Thanks!

❤️ 1

Brooke commented

2025-09-27 17:22:48 +00:00

How's testing? @cas

cas commented

2025-10-03 18:27:56 +00:00

As far as I can tell things are working great with the change. It seems like the downsides might be slightly invisible though, if this is part of anti-spam or federation control stuff. I don't know enough about those to test them.

cas commented

2025-10-17 17:12:30 +00:00

pr #7 with fix

cas commented

2025-10-21 18:41:41 +00:00

Fix has been merged!

cas closed this issue

2025-10-21 18:41:41 +00:00

Sign in to join this conversation.

2 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/gotosocial#6